At a White House press conference, Attorney General Eric Holder paints a grim picture of the state of cyberdefense, commenting, "There are only two categories of companies affected by trade-secret theft: those that know they've been compromised and those that don't know it yet. A hacker in China can acquire source code from a software company in Virginia without leaving his or her desk."

Many top companies, including General Motors Comp. (GM), E. I. DuPont De Nemours and Comp. (DD), Google Inc. (GOOG), and American Superconductor, Corp. (AMSC), have seen trade secrets stolen by hackers in China. At the press conference John Powell, general counsel for American Superconductor, shared a particularly troubling tale of how a big Chinese wind company -- formerly the largest client of his firm -- recruited a former employee and used their knowledge to remotely steal trade secrets. He comments, "It's a real threat and it's a really costly threat."

The document is ambiguous on how the U.S. will respond, but it makes it clear that Washington D.C. is well aware of the attacks from China on top U.S. corporations. Currently, the ability to mount a strong counteroffensive is stifled by the relative "greenness" of America's cyber-fighting force. This force is composed mostly of straight-shooting college IT types, many of whom have never hacked into a system they weren't allowed to.

Over the last year, the National Security Agency (NSA) has been showing up at top hacker conventions trying to convince more talented hackers to join its ranks -- but such efforts remain in their infancy and are being heavily stifled by animosity from the hacker community over punitive computer crimes law enforcement.

Security firm Akama Technologies, Inc. (AKAM) estimates that in 2012 33 percent of attack traffic originated from China. By contrast, the U.S. -- in second place -- only claimed 13 percent of global attack contract. Chinese government officials claim that hacking is illegal in China and that its own companies are also victimized by their domestic hackers. However, many of the attacks appear to be geared towards suppressing dissidents or attacking U.S. media entities that expose secrets of Chinese politicians.

Chinese hackers are responsible for a third of the world's cyberattacks. [Image Source: Kealtu]

The result is that the cyberwar between the U.S. and China is playing out as a classic bully-victim situation. China denies everything while constantly abusing both U.S. government agencies and private companies. And experts believe the U.S. is doing far precious little to fight back.

Last week, President Obama signed a cybersecurity executive order calling for voluntary corporate information sharing on security risks. Congress is in the process of establishing a more rigid framework for the sharing.

James Lewis, a former top State Department official who is now a cybersecurity specialist at the Center for Strategic and International Studies, praised the Obama administration's actions in an interview with The Wall Street Journal, stating, "This is what you have to do to get the Chinese to behave differently. You've got to keep pushing on them; you've got to keep grinding."

Trade pacts like the Trans-Pacific Partnership may provide a forum to push for stricter intellectual property protections. And Mr. Lewis suggests that the U.S. could put pressure on China by denying Chinese companies access to American banks, or by denying Chinese researchers visas, if attacks continue.